ALAS-2012-117


Amazon Linux AMI Security Advisory: ALAS-2012-117
Advisory Release Date: 2014-09-14 16:50 Pacific
Severity: Low

Issue Overview:

It was found that the OpenLDAP server daemon ignored olcTLSCipherSuite settings. This resulted in the default cipher suite always being used, which could lead to weaker than expected ciphers being accepted during Transport Layer Security (TLS) negotiation with OpenLDAP clients. (CVE-2012-2668 )


Affected Packages:

openldap


Issue Correction:
Run yum update openldap to update your system.

New Packages:
i686:
    openldap-clients-2.4.23-26.16.amzn1.i686
    openldap-devel-2.4.23-26.16.amzn1.i686
    openldap-debuginfo-2.4.23-26.16.amzn1.i686
    openldap-servers-2.4.23-26.16.amzn1.i686
    openldap-servers-sql-2.4.23-26.16.amzn1.i686
    openldap-2.4.23-26.16.amzn1.i686

src:
    openldap-2.4.23-26.16.amzn1.src

x86_64:
    openldap-clients-2.4.23-26.16.amzn1.x86_64
    openldap-servers-sql-2.4.23-26.16.amzn1.x86_64
    openldap-2.4.23-26.16.amzn1.x86_64
    openldap-devel-2.4.23-26.16.amzn1.x86_64
    openldap-servers-2.4.23-26.16.amzn1.x86_64
    openldap-debuginfo-2.4.23-26.16.amzn1.x86_64